Checked C is an extension to C that adds checking to detect or prevent common programming errors such as buffer overruns and out-of-bounds memory accesses. This repo has a wiki for Checked C, sample code, the specification, and test code.

Checked C

Checked C adds static and dynamic checking to C to detect or prevent common programming errors such as buffer overruns and out-of-bounds memory accesses. The goal of the project is to improve systems programming by making fundamental improvements to C. This repo contains sample code, the extension specification, and test code.

  • For a quick overview of Checked C, more information, and pointers to example code, see our Wiki.
  • The PDF of the specification is available here.
  • Compilers are available here.

We are hiring.

We have positions available for a Principal Software Engineer and Senior Software Engineer. We are looking for engineers who have production compiler development experience and who value shipping software.

Papers

We presented a research paper on Checked C at the IEEE 2018 Cybersecurity Development Conference: "Checked C: Making C Safe by Extension". The paper describes the key ideas of Checked C in 8 pages.

Note that we have added features to Checked C for improving type safety (and reducing type confusion) since writing the paper. The Wiki and specification provide up-to-date descriptions of Checked C.

We presented another paper on Checked C at the 2019 Principles of Security and Trust Conference: "Achieving Safety Incrementally With Checked C". This paper describes a tool for converting existing C code to use Ptr types. It also proves a blame property for checked regions: a checked region is never the source of a memory-safety violation, so any memory corruption must originate in unchecked code. The proof is formalized for a core subset of the language extension.
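The following snippet is an added illustration for this README and is not code from the Checked C repository. It uses the spellings from the specification (`_Array_ptr`, `_Checked`, and a `count(n)` bounds declaration) to show what "dynamic checking" and a "checked region" look like in practice. It assumes the Checked C clang is installed; a stock C compiler does not recognise these keywords.

```checkedc
/* Added example (not from the Checked C repo). Requires the Checked C clang. */
#include <stdio.h>
#include <stddef.h>

/* The bounds declaration ties `a` to `n` elements. The compiler inserts a
 * bounds check on every a[i]; a failed check terminates the program instead
 * of reading or writing past the buffer. The _Checked block additionally
 * forbids unchecked pointers and unsafe casts inside it, which is the
 * property the blame proof relies on. */
int sum(_Array_ptr<int> a : count(n), size_t n) {
  int s = 0;
  _Checked {
    for (size_t i = 0; i < n; i++)
      s += a[i];                      /* dynamic check: 0 <= i < n */
  }
  return s;
}

/* The classic off-by-one. In plain C this reads one int past the buffer and
 * returns whatever happens to be there; in Checked C the inserted check on
 * a[i] fails when i == n and the program aborts at that point. */
int sum_off_by_one(_Array_ptr<int> a : count(n), size_t n) {
  int s = 0;
  _Checked {
    for (size_t i = 0; i <= n; i++)   /* bug: should be i < n */
      s += a[i];                      /* i == n fails the dynamic check -> trap */
  }
  return s;
}

int main(void) {
  /* A checked array: its bounds (4 elements) are known to the compiler, so
   * passing it with count 4 satisfies the callee's bounds declaration. */
  int buf _Checked[4] = {1, 2, 3, 4};

  printf("%d\n", sum(buf, 4));             /* 10 */
  printf("%d\n", sum_off_by_one(buf, 4));  /* never prints: aborts on a[4] */
  return 0;
}
```

The static side of the checking is visible at the call sites: the compiler has to prove that `buf`'s bounds cover `count(4)` for each argument, and it refuses code where it cannot. The dynamic side is the trap in `sum_off_by_one`, which turns a silent out-of-bounds read into a crash that is easy to find in testing.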

Build Status

| Configuration     | Testing                                          | Status                    |
| ----------------- | ------------------------------------------------ | ------------------------- |
| Debug X86 Windows | Checked C and clang regression tests             | Debug X86 Windows status  |
| Debug X64 Windows | Checked C and clang regression tests             | Debug X64 Windows status  |
| Debug X64 Linux   | Checked C and clang regression tests             | Debug X64 Linux status    |
| Release X64 Linux | Checked C, clang, and LLVM nightly tests         | Release X64 Linux status  |

Participating

We're happy to have the help! You can contribute by trying out Checked C, reporting bugs, and giving us feedback. There are other ways to contribute too. You can join the mailing lists for announcements about the project.

Licensing

The software in this repository is covered by the MIT license. See the file LICENSE.TXT for the license. The Checked C specification is made available by Microsoft under the OpenWeb Foundation Final Specification Agreement, version 1.0. Contributions of code to the Checked LLVM/clang repos are subject to the CLANG/LLVM licensing terms.

Code of conduct

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
